Skip to main content

Microsoft Releases May 2022 Security Updates

Scheduled updates for Microsoft products

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Scheduled updates for Microsoft products


The following platforms are also known to be affected:

Other products included

  • Windows Active Directory
  • Microsoft Graphics Component
  • Microsoft Local Security Authority Server (lsasrv)
  • Microsoft Office Excel
  • Microsoft Windows ALPC
  • Role: Windows Fax Service
  • Role: Windows Hyper-V
  • Self-hosted Integration Runtime
  • Tablet Windows User Interface
  • Visual Studio Code
  • Windows Active Directory
  • Windows Address Book
  • Windows Authentication Methods
  • Windows BitLocker
  • Windows Cluster Shared Volume (CSV)
  • Windows Failover Cluster Automation Server
  • Windows Kerberos
  • Windows Kernel
  • Windows LDAP - Lightweight Directory Access Protocol
  • Windows Media
  • Windows Network File System
  • Windows NTFS
  • Windows Point-to-Point Tunneling Protocol
  • Windows Print Spooler Components
  • Windows Push Notifications
  • Windows Remote Access Connection Manager
  • Windows Remote Desktop
  • Windows Remote Procedure Call Runtime
  • Windows Server Service
  • Windows Storage Spaces Controller
  • Windows WLAN Auto Config Service

Threat details

Introduction

Microsoft has released updates to address 75 vulnerabilities in Microsoft software, with 8 vulnerabilities considered critical. An unauthenticated remote attacker can exploit some of these vulnerabilities to take control of an affected system.


Threat updates

Date Update
20 May 2022 Microsoft releases out-of-band update to address authentication failure issues after installing the May Windows update

Microsoft have released out-of-band (OOB) updates for Domain Controllers in response to the authentication failures observed after applying the May 2022 monthly security updates. These failures were related to how the mapping of certificates to machine accounts was being handled by the domain controller.  

Affected organisations are encouraged to review the relevant advisories below.

Cumulative updates

 

 

 

Standalone Updates:

 

 

 


Remediation advice

Affected organisations are encouraged to review Microsoft’s May 2022 Security Update Summary and Deployment Information and apply the necessary updates.


Last edited: 20 May 2022 3:06 pm